[CentOS] set default permission to deployuser:deployuser for nfs common mount point /mnt/test

Sat Nov 5 18:48:08 UTC 2022
Emmett Culley <lst_manage at webengineer.com>

On 11/5/22 9:18 AM, Kaushal Shriyan wrote:
> Hi,
> 
> I am running two GCP GCE VM instances running CentOS Linux release 7.9.2009
> (Core) behind https load balancer. I am using
> https://cloud.google.com/filestore#documentation to mount the nfs server
> common mount point to both client servers.
> 
> #mount 10.0.0.2:/vol1 /mnt/test
> 
> I did chown -Rc deployuser:deployuser (user:group) /mnt/test. When the php
> code uploads any file to the /mnt/test folder, the file permission is owned
> by php-fpm:php-fpm (user:group)
> 
> Please guide and let me know how to set it to the default permissions
> of deployuser:deployuser (user:group) for all files and folders created in
> nfs server common point /mnt/test.
> 
> Thanks in advance.
> 
> Best Regards,
> 
> Kaushal

Easiest (and possibly the only) way is to set GID bit on /mnt/test - chmod g+swx /mnt/test

Then configure systemd to set the umask for apache and php-fpm.

Create a file named umask.conf and add this to it:

[Service]
UMask=002

Then copy that file to:

/etc/systemd/system/httpd.service.d/umask.conf
/etc/systemd/system/php-fpm.service.d/umask.conf

You may have to create the two .service.d directories.

Then run "systemctl daemon-reload" and restart apache and php-fpm.

I use the Remi repo to allow using different PHP versions and so also added that file to:

/etc/systemd/system/php74-php-fpm.service.d/umask.conf
/etc/systemd/system/php80-php-fpm.service.d/umask.conf

Emmett